Authentication with the Common Paper API

The Common Paper API uses Bearer authentication. Bearer authentication, also known as token authentication, is a way to keep information safe using keys called bearer tokens. Think of it like a key that gives access to anyone who has it. To see your organization's agreements, users, etc you need to send this token in an authorization header with your request. You should keep this API key secret and store it only in encrypted resources (ie. not in plain text in your github repo, even a private one).

Creating an API Key

To create an API key, log into and use the side bar to access your Integrations page. There you can create an API key or delete an old one.

Key scope

The key is scoped to your organization, so it will have access to all the agreements in your organization, not just the ones you created.

Using the API Key to fetch agreements

Below is a simple example to verify that your key is working. Open a terminal window and paste in the code below, replacing YOUR_API_KEY with your actual key. If it returns an empty array or a list of your agreements, you're all set! If you receive an Unauthorized response, make sure your key is exactly as we we sent it or delete the key and try a new one.

curl -X GET "" -H "Authorization: Bearer YOUR_API_KEY"

Note: If you delete an API key, it will stop working for anyone else using this key immediately.